projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
puppet 4 foo
[mirror/dsa-puppet.git] / modules / bacula / manifests / client.pp
diff --git a/modules/bacula/manifests/client.pp b/modules/bacula/manifests/client.pp
index 879978c..05234fc 100644 (file)
--- a/modules/bacula/manifests/client.pp
+++ b/modules/bacula/manifests/client.pp
@@ -1,38 +1,84 @@
 class bacula::client inherits bacula {
+       @@bacula::storage_per_node { $::fqdn: }
 
-  package {
-    "bacula-client": ensure => installed;
-    "bacula-fd": ensure => installed;
-  }
+       if ! getfromhash($site::nodeinfo, 'not-bacula-client') {
+               @@bacula::node { $::fqdn:
+                       bacula_client_port => $bacula::bacula_client_port,
+               }
+       }
 
-  service {
-    "bacula-fd":
-      ensure => running,
-      enable => true,
-      hasstatus => true,
-      require => Package["bacula-fd"];
-  }
+       package { ['bacula-fd']:
+               ensure => installed
+       }
 
-  file {
-    "/etc/bacula/bacula-fd.conf":
-      content => template("bacula/bacula-fd.conf.erb"),
-      mode => 640,
-      owner => root,
-      group => bacula,
-      require => Package["bacula-fd"],
-      notify  => Exec["bacula-fd restart"]
-      ;
-  }
+       service { 'bacula-fd':
+               ensure    => running,
+               enable    => true,
+               hasstatus => true,
+               require   => Package['bacula-fd']
+       }
 
-  exec {
-    "bacula-fd restart":
-      path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
-      refreshonly => true;
-  }
+       exec { 'bacula-fd restart-when-idle':
+               path        => '/usr/bin:/usr/sbin:/bin:/sbin',
+               command     => 'sh -c "setsid /usr/local/sbin/bacula-idle-restart fd &"',
+               refreshonly => true,
+               subscribe   => [ File[$bacula_ssl_server_cert], File[$bacula_ssl_client_cert] ],
+               require     => File['/usr/local/sbin/bacula-idle-restart'],
+       }
 
-  @ferm::rule { 'dsa-bacula-fd':
-    domain      => '(ip)',
-    description => 'Allow bacula access from storage and director',
-    rule        => "proto tcp mod state state (NEW) dport (bacula-fd) saddr ($bacula_director_address) ACCEPT",
-  }
+       file { '/etc/bacula/bacula-fd.conf':
+               content => template('bacula/bacula-fd.conf.erb'),
+               mode    => '0640',
+               owner   => root,
+               group   => bacula,
+               require => Package['bacula-fd'],
+               notify  => Exec['bacula-fd restart-when-idle'],
+       }
+       file { '/usr/local/sbin/bacula-backup-dirs':
+               mode    => '0775',
+               source  => 'puppet:///modules/bacula/bacula-backup-dirs',
+       }
+       file { '/usr/local/sbin/postbaculajob':
+               mode    => '0775',
+               source  => 'puppet:///modules/bacula/postbaculajob',
+       }
+       file { '/etc/default/bacula-fd':
+               content => template('bacula/default.bacula-fd.erb'),
+               mode    => '0400',
+               owner   => root,
+               group   => root,
+               require => Package['bacula-fd'],
+               notify  => Service['bacula-fd'],
+       }
+       if ($::lsbmajdistrelease >= '9' and $systemd) {
+               file { '/etc/systemd/system/bacula-fd.service.d':
+                       ensure  => directory,
+                       mode    => '0755',
+                       owner   => root,
+                       group   => root,
+               }
+               file { '/etc/systemd/system/bacula-fd.service.d/user.conf':
+                       source  => 'puppet:///modules/bacula/bacula-fd-systemd',
+                       mode    => '0400',
+                       owner   => root,
+                       group   => root,
+                       notify  => Exec['systemctl daemon-reload'],
+               }
+       } else {
+               file { '/etc/systemd/system/bacula-fd.service.d/user.conf':
+                       ensure  => absent,
+               }
+       }
+
+       @ferm::rule { 'dsa-bacula-fd-v4':
+               domain      => '(ip)',
+               description => 'Allow bacula access from storage and director',
+               rule        => "proto tcp mod state state (NEW) dport (${bacula_client_port}) saddr (${bacula_director_ip}) ACCEPT",
+       }
+
+       #@ferm::rule { 'dsa-bacula-fd-v6':
+       #       domain      => '(ip6)',
+       #       description => 'Allow bacula access from storage and director',
+       #       rule        => "proto tcp mod state state (NEW) dport (bacula-fd) saddr (${bacula_director_ip6}) ACCEPT",
+       #}
 }
Unnamed repository; edit this file 'description' to name the repository.